Table of Contents

WHMCS - client password hash generation

WHMCS Versions 6.3.0 and Newer

In version 6.3.0 WHMCS changed the method of which they use to hash passwords. Their release notes state that they are now using BCRYPT password hashing. It would appear that WHMCS is now using the password_hash() function provided with php. The following code can be used to generate a valid password to be stored in the DB.

$hash= password_hash($password, PASSWORD_BCRYPT);

WHMCS Versions 4.2.1 through 6.2.x

These versions of WHMCS create a client password hash using the md5() function along with a randomly generated salt. The salt is appended to the end of the stored password delimited by a colon. To generate a password using this method you must first generate a salt that is 5 characters in length. Once done, you will use the md5() function to create a hash using the salt and password. The following code can be used to generate a valid password to be stored in the DB

WHMCS Version Pre 4.2.1

Older versions of WHMCS use a encrypt/decryption method. If you are using this method you have to use either the WHMCS functions file so you can use the encrypt/decrypt function or use the API ( http://wiki.whmcs.com/API:Decrypt_Password )

Company

Help

WordPress Hosting Special Offer!

Promo Code: wp-intro

50% OFF WordPress Hosting!

$1.00 WordPress Hosting!

Sign up today and get your first month of WordPress hosting for only $1.00. Our WordPress hosting is a purpose built service designed specifically to increase the performance and security of your WordPress site!

* Offer only valid for 1-Month plans. You may upgrade or change your billing term at any time to receive additional discounts.